Mini MetriCon 4.5 will be a one-day event, Monday, March 1, 2010, in San Francisco, California. Through the cooperation of RSA, the workshop will be held at the University of San Francisco, within walking distance of the Moscone Center, the location of the RSA Conference, to be held during the same week. Mini MetriCon attendees are eligible for free RSA exhibit passes.
Like its predecessors, Mini Metricon 4.5 is an informal workshop designed to facilitate exchange of new ideas as well as practical experience in using metrics to drive better security, compliance, and risk management. The day will be divided between open/moderated exchange and short presentations. Participants are expected to come prepared to actively interact as either presenters or active listeners (or both).
Place: University of San Francisco (within walking distance of the Moscone Center)
Time: 8:30am to 4:30pm
Participation: by invitation.
Attendance: Limited to 80 people
If you would like to participate
Due to space limitations, we are asking all who are interested in participating to send an email to metr…@securitymetrics.org
Please provide some information about who you are, your interest/experience with metrics, what metrics you can bring to discuss, and your preferred level of participation: presenter or active audience participant.
Presenters: Please provide an abstract of 5 paragraphs or less that describes the nature of the metrics and metric results that you would like to present. Following past MetriCon practice, preference will be given to those who respond to this CfP with actual work in progress that demonstrates the value of security metrics with respect to a security-related goal.
Submission of recent, previously published work as well as simultaneous submissions to multiple venues is acceptable if disclosed in your proposal.
Active audience participants: Please indicate your area(s) of specific interest.
Examples of past well-received presentations are:
§ Intel Presentation
§ Verizon Presentation
§ Whitehat Presentation
Visit http://www.securitymetrics.org for digests, presentations, and handouts from past Metricon Workshops.
Notification
To get invitations out well beforehand, we’d like all email submissions to be in-hand by December 5. Our goal is to send invitations to participate by January 15.
Important Dates
– 05 Dec 2009 – Responses Due to this Call
– 15 Jan 2010 – Notification of Acceptance
– 01 Mar 2010 – Mini MetriCon 4.5 Workshop
Program Committee
§ Warren Axelrod, Financial Services Technology Consortium
§ Jennifer Bayuk, Bayuk.com
§ Fred Cohen, Fred Cohen and Associates
§ Lloyd Elam, SigmaRisks
§ Jeremy Epstein, SRI International
§ Dan Geer, In-Q-Tel
§ Renee Guttmann, Time Warner
§ Ray Kaplan, Ray Kaplan & Associates
§ Pete Lindstrom, Spire Security
§ Joe Magee, Vigilant
§ Elizabeth Nichols, Plexlogic
§ Steven Piliero, Center for Internet Security
§ Chris Walsh [Program Committee Chair], SurePayroll
§ Caroline Wong, eBay
Please feel free to contact the Program Chair with any questions. Inquiries beyond administrative matters will be forwarded to the Committee.
Additional information will be posted at www.securitymetrics.org as it becomes available.
. Researchers almost never publish their raw data, but just their models, methods and results. I feel strongly that until we can convince people to share raw data more openly, this is our best shot to figuring real information about what’s going on in the security world. It’s also what drove me to start developing the soon to be renamed Mortman/Hutton Model that Alex and I presented at 
What You’ve Said